package com.zk.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.handler.SimpleMappingExceptionResolver;

import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
/**
 * <p>
 *  MD5注入与基本配置
 * </p>
 *Shiro 配置类
 * @author jyx
 * @since 2020-11-30
 */


@Configuration
public class ShiroConfig {
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager) {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(defaultWebSecurityManager);
        Map<String, String> filterMap = new HashMap<>();
        /*
         *anno为无需认证
         * Authc必须认证才能访问
         * perms 只需要认证才能通过
         * user必须有记住我功能才能访问
         * role拥有某个角色才能访问
         *
         *
         *
         * */
        filterMap.put("/static/**", "anon");
        filterMap.put("/css/**","anon");
        filterMap.put("/js/**","anon");
        filterMap.put("/image/**","anon");
        filterMap.put("/toLoginView", "anon");

        filterMap.put("/user/add", "perms[user:add]");
        filterMap.put("/user/modify", "perms[user:modify]");
        factoryBean.setLoginUrl("/toLogin");
        factoryBean.setUnauthorizedUrl("/noauth");
        factoryBean.setFilterChainDefinitionMap(filterMap);
        return factoryBean;


    }


    @Bean(name = "securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager() {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(UserRealm());
        return defaultWebSecurityManager;
    }

    @Bean
    public UserRealm UserRealm() {
       UserRealm userRealm =  new UserRealm();
       userRealm.setCredentialsMatcher(hashedCredentialsMatcher());

        return userRealm;
    }
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher=new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        hashedCredentialsMatcher.setHashIterations(2);
        return hashedCredentialsMatcher;
    }

    @Bean(name = "simpleMappingExceptionResolver")
    public SimpleMappingExceptionResolver createSimpleMappingExceptionResolver() {
        SimpleMappingExceptionResolver r = new SimpleMappingExceptionResolver();
        Properties mappings = new Properties();
        mappings.setProperty("DatabaseException", "databaseError");//数据库异常处理
        mappings.setProperty("UnauthorizedException", "403");
        r.setExceptionMappings(mappings);
        r.setDefaultErrorView("error");
        r.setExceptionAttribute("ex");     // 缺省值"exception"
        return r;

    }
        @Bean
    public ShiroDialect getShiroDialect() {
        return new ShiroDialect();//ShiroDialect
    }
    //开启Spring AOP扫描 ，代理模式开启
//    @Bean
//    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
//        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator=new DefaultAdvisorAutoProxyCreator();
//        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
//        return defaultAdvisorAutoProxyCreator;
//    }
//
//    @Bean
//    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(){
//
//        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor=new AuthorizationAttributeSourceAdvisor();
//        authorizationAttributeSourceAdvisor.setSecurityManager(getDefaultWebSecurityManager());
//        return authorizationAttributeSourceAdvisor;
//
//    }



}
